Lab Manual

Fundamentals of Networks
502482-3
 Table of Contents

S. No Week No Experiment
Study of different types of Network cables and practically
1 Week 1 implements the cross-wired cable and straight through cable
using clamping tool.
2 Week 2 Study of following Network Devices in Detail (1).
3 Week 3 Study of following Network Devices in Detail (2).
4 Week 4 Demonstrations of practice of IP Addressing.
5 Week 5 Demonstrations of Subnetting in IP.
6 Week 6 Connect the computers in Local Area Network.
Study of basic network command and Network configuration
7 Week 7
commands.
8 Week 8 Performing an Initial Switch Configuration.
9 Week 9 Performing an Initial Router Configuration.
10 Week 10 Configuring and Troubleshooting a Switched Network (1).
11 Week 11 Configuring and Troubleshooting a Switched Network (2).
12 Week 12 Connecting a Switch.
 Experiment-1
Aim: Study of different types of Network cables and practically implements the cross-wired
cable and straight through cable using clamping tool.

Apparatus (Components): RJ-45 connector, Climping Tool, Twisted pair Cable

Procedure: To do these practical following steps should be done:

1. Start by stripping off about 2 inches of the plastic jacket off the end of the cable. Be very
careful at this point, as to not nick or cut into the wires, which are inside. Doing so could alter
the characteristics of your cable, or even worse render is useless. Check the wires, one more time
for nicks or cuts. If there are any, just whack the whole end off, and start over.

2. Spread the wires apart, but be sure to hold onto the base of the jacket with your other hand.
You do not want the wires to become untwisted down inside the jacket. Category 5 cable must
only have 1/2 of an inch of 'untwisted' wire at the end; otherwise it will be 'out of spec'. At this
point, you obviously have ALOT more than 1/2 of an inch of un-twisted wire.

3. You have 2 end jacks, which must be installed on your cable. If you are using a pre-made
cable, with one of the ends whacked off, you only have one end to install - the crossed over end.
Below are two diagrams, which show how you need to arrange the cables for each type of cable
end. Decide at this point which end you are making and examine the associated picture below.

Diagram shows you how to prepare Cross wired connection

Diagram shows you how to prepare straight through wired connection
 Experiment-2
Aim: Study of following Network Devices in Detail (1)

• Repeater

• Hub

• Switch

Apparatus (Software): No software or hardware needed.

Procedure: Following should be done to understand this practical.

1. Repeater: Functioning at Physical Layer. A repeater is an electronic device that receives a

signal and retransmits it at a higher level and/or higher power, or onto the other side of an
obstruction, so that the signal can cover longer distances. Repeater have two ports ,so cannot be
used to connect for more than two devices

2. Hub: An Ethernet hub, active hub, network hub, repeater hub, hub or concentrator

is a device for connecting multiple twisted pair or fiber optic Ethernet devices together and
making them act as a single network segment. Hubs work at the physical layer (layer 1) of the
OSI model. The device is a form of multiport repeater. Repeater hubs also participate in collision
detection, forwarding a jam signal to all ports if it detects a collision.

3. Switch: A network switch or switching hub is a computer networking device that connects
network segments. The term commonly refers to a network bridge that processes and routes data
at the data link layer (layer 2) of the OSI model. Switches that additionally process data at the
network layer (layer 3 and above) are often referred to as Layer 3 switches or multilayer
switches.
 Experiment-3
Aim: Study of following Network Devices in Detail (2)

• Bridge

• Router

• GateWay

Apparatus (Software): No software or hardware needed.

Procedure: Following should be done to understand this practical.

1. Bridge: A network bridge connects multiple network segments at the data link layer
(Layer 2) of the OSI model. In Ethernet networks, the term bridge formally means a
device that behaves according to the IEEE 802.1 D standards. A bridge and switch are
very much alike; a switch being a bridge with numerous ports. Switch or Layer 2 switch
is often used interchangeably with bridge .Bridges can analyze incoming data packets to
determine if the bridge is able to send the given packet to another segment of the
network.

2. Router: A router is an electronic device that interconnects two or more computer

networks, and selectively interchanges packets of data between them. Each data packet
contains address information that a router can use to determine if the source and
destination are on the same network, or if the data packet must be transferred from one
network to another. Where multiple routers are used in a large collection of
interconnected networks, the routers exchange information about target system
addresses, so that each router can build up a table showing the preferred paths between
any two systems on the interconnected networks.

3. GateWay: In a communications network, a network node equipped for interfacing with

another network that uses different protocols.

• A gateway may contain devices such as protocol translators, impedance matching

devices, rate converters, fault isolators, or signal translators as necessary to provide
system interoperability. It also requires the establishment of mutually acceptable
administrative procedures between both networks.

• A protocol translation/mapping gateway interconnects networks with different network

protocol technologies by performing the required protocol conversions.
 Experiment-4
Aim: Demonstrations of practice of IP Addressing

Several parameters need to be configured correctly for a computer to have full functionality
on an IP inter-network such as the Internet. These include:

IP ADDRESS: The IP address is the address of the computer’s interface on the network.
Consequently, a system may have several different IP addresses if it has several different
interfaces. For example, a router will have a different IP address for each network it is
connected to.

Addresses with a leading bit of zero are class A addresses and are in the range 1.0.0.0
through 126.255.255.255. Possible classes are:

Class Leading bits Range

A 0 1.0.0.0–127.255.255.255

B 10 128.0.0.0–191.255.255.255

C 110 192.0.0.0–223.255.255.255

D 1110 224.0.0.0–239.255.255.255

E 1111 240.0.0.0–255.255.255.255

Generally, you will rarely see class D or E addresses.

IP addresses can be further divided into two groups—globally unique addresses or private
addresses. Addresses falling within any of the following ranges are considered private or non-
routable addresses:

10.0.0.0–10.255.255.255

172.16.0.0–172.31.255.255
169.254.0.0–169.254.255.255 (auto configure IP addresses)

192.168.0.0–192.168.255.255
All other class A, class B, and class C addresses are legal, globally unique addresses.
 st
1 Octet
st
1 Octet Decimal High Network / Host ID
Range Order (N = Default Subnet Mask
Network, H =
Bits Host)
1-126 * 0 NHHH 255.0.0.0
127(Loopback IP) 0 NHHH 255.0.0.0
128-191 10 NNHH 255.255.0.0
192-223 110 NNNH 255.255.255.0
Reserved for
224-239 1110 Multicasting
240-254 1111 Experimental; used for research

The first octet referred here is the left most of all. The octets numbered as follows depicting dotted
decimal notation of IP Address:

The number of networks and the number of hosts per class can be derived by this formula:

Class A Address

The first bit of the first octet is always set to 0 (zero). Thus the first octet ranges from 1 – 127, i.e.

Class A addresses only include IP starting from 1.x.x.x to 126.x.x.x only. The IP range 127.x.x.x
(127.0.0.1)is reserved for loopback IP addresses(A loopback address is a type of

IP address that is used to test the communication or transportation medium on a local network
card and/or for testing network applications.). Class Supports 16 million hosts on each of 127
networks.
CLASS B ADDRESS

An IP address which belongs to class B has the first two bits in the first octet set to 10, i.e.

Class B IP Addresses range from 128.0.x.x to 191.255.x.x. The default subnet mask for Class B is
255.255.x.x.

Class B Supports 65,000 hosts on each of 16,000 networks.

Class C Address

The first octet of Class C IP address has its first 3 bits set to 110, that is:

Class C IP addresses range from 192.0.0.x to 223.255.255.x. The default subnet mask for Class C
is 255.255.255.x.Class C Supports 254 hosts on each of 2 million networks.

Class D Address

Very first four bits of the first octet in Class D IP addresses are set to 1110, giving a range of:

Class D has IP address rage from 224.0.0.0 to 239.255.255.255. Class D is reserved for
Multicasting. In multicasting data is not destined for a particular host, that is why there is no need
to extract host address from the IP address, and Class D does not have any subnet mask.

CLASS E ADDRESS

This IP Class is reserved for experimental purposes only for R&D or Study. IP addresses in this
class ranges from 240.0.0.0 to 255.255.255.254. Like Class D, this class too is not equipped with
any subnet mask.
AUTO MATICALLY ASSIGNED ADDRESSES

192.168.1.0 0 is the automatically assigned network address.

192.168.1.1 1 is the commonly used address used as the gateway.

192.168.1.2 2 is also a commonly used address used for a gateway.

Addresses beyond 3 are assigned to computers and devices on the

192.168.1.3 - 254 network.

255 is automatically assigned on most networks as the broadcast

192.168.1.255 address.

By default the router you use will assign each of your computers their own IP address, If you need
to register an IP address that can be seen on the Internet, you must register through a web host that
can assign you addresses. Anyone who connects to the Internet is assigned an IP address by their
Internet Service Provider (ISP) who has registered a range of IP addresses

NETWORK MASK: Network addresses can be subdivided into two or three parts. Typically, the
low-order bits of the address, also called the host number, are used to identify individual hosts on
the local network. The high-order bits are used to identify the network. If subnetting is used, the
high-order bits will be divided between the network number and the subnet number.
BROADCAST ADDRESS: This is the address used to send out request to every computer on the
local network. It is used by protocols like ARP. It is formed by setting all the bits in the host
portion of the address to ones.
DEFAULT ROUTER OR GATEWAY: If two machines have the same network and sub network
numbers, they are on the same subnet and can communicate directly. If this is not the case,
packets must be routed for one sub network to another. A host may know which router to send the
packet to for a specific host. If this is not the case, then the packet is sent to a default router that
must forward the packet onto the next network on the path to its destination.
In Microsoft Windows, the network applet under the control panel is used to set configuration
parameters for networking (or to direct the computer to use DHCP). Fortunately, Microsoft
provides two utilities for examining parameters. For most versions of Windows, you can run the
command ―ipconfig \all‖ under a DOS window. For a few versions of Windows, such as 3.0, you

use the Windows command ―winipcfg \all‖ from Start Run….
 Experiment-5
Aim: Demonstrations of Subnetting in IP Address
Subnetting is a process of dividing large network into the smaller networks based on layer 3 IP
address. Every computer on network has an IP address that represents its location on network.
Two version of IP addresses are available IPv4 and IPv6. In this article we will perform subnetting
on IPv4.

IPv4

IP addresses are displayed in dotted decimal notation, and appear as four numbers separated by
dots. Each number of an IP address is made from eight individual bits known as octet. Each octet
can create number value from 0 to 255. An IP address would be 32 bits long in binary divided into
the two components, network component and host component. Network component is used to
identify the network that the packet is intended for, and host component is used to identify the
individual host on network.

IP addresses are broken into the two components:

Network component: - Defines network segment of device.

Host component: - Defines the specific device on a particular network segment

IP Classes in decimal notation

Class A addresses range from 1-126
Class B addresses range from 128-191
Class C addresses range from 192-223
Class D addresses range from 224-239
Class E addresses range from 240-254
0 [Zero] is reserved and represents all IP addresses.
127 is a reserved address and is used for testing, like a loop back on an interface.
255 is a reserved address and is used for broadcasting purposes.

Binary to Decimal and Decimal to Binary Conversion:-

Under Digital Electronics Similarly decimal numbers can be converted into binary numbers also.
As we have already seen that a binary number can be converted into decimal number by
multiplying the numbers with certain powers of 2, the reverse operation i.e. converting a decimal
number into binary number requires certain number of divisions depending upon the character of
the number. In this method the decimal number is divided by 2 until the remainder reaches 1 and
the dividends are queued up in reverse manner i.e. in the opposite manner of their acquiring
beginning from the remainder which is 1. We can show the conversion with the help of an
example which will make it easier to understand. Suppose we are converting the decimal number
(87)10. Now the conversion is shown below
Binary is 1010111

Subnet mask

Subnet mask is a 32 bits long address used to distinguish between network address and host
address in IP address. Subnet mask is always used with IP address. Subnet mask has only one
purpose, to identify which part of an IP address is network address and which part is host
address.
For example how will we figure out network partition and host partition from IP address
192.168.1.10? Here we need subnet mask to get details about network address and host address.

• In decimal notation subnet mask value 1 to 255 represent network address and value 0
[Zero] represent host address.

• In binary notation subnet mask on bit [1] represent network address while off bit [0]
represent host address.

In decimal notation
IP address 192.168.1.10
Subnet mask 255.255.255.0
Network address is 192.168.1 and host address is 10.

In binary notation
IP address 11000000.10101000.00000001.00001010
Subnet mask
11111111.11111111.11111111.00000000

Network ID
First address of subnet is called network ID. This address is used to identify one segment
or broadcast domain from all the other segments in the network.
 Block Size
Block size is the size of subnet including network address, hosts addresses and
broadcast address.

Broadcast ID
There are two types of broadcast, direct broadcast and full broadcast.

Direct broadcast or local broadcast is the last address of subnet and can be hear by all hosts
in subnet.

Full broadcast is the last address of IP classes and can be hear by all IP hosts in network.
Full broadcast address is 255.255.255.255

The main difference between direct broadcast and full broadcast is that routers will not
propagate local broadcasts between segments, but they will propagate directed broadcasts.

Host Addresses
All address between the network address and the directed broadcast address is called host
address for the subnet. You can assign host addresses to any IP devices such as PCs,
servers, routers, and switches.

IP Class Default Subnet Network bits Host bits Total hosts Valid hosts

A 255.0.0.0 First 8 bits Last 24 16, 777, 216 16, 777, 214
bits (256*256*256)

B 255.255.0.0 First 16 bits Last 16 65,536(256*256) 65,534

bits

C 255.255.255.0 First 24 bits Last 8 bits 256 254

Subnetting
Subnetting is a process of breaking large network in small networks known as subnets.
Subnetting happens when we extend default boundary of subnet mask. Basically we borrow
host bits to create networks. Let's take a example

Being a network administrator you are asked to create two networks, each will host 30
systems. Single class C IP range can fulfill this requirement, still you have to purchase 2
class C IP range, one for each. Single class C range provides 256 total addresses and we
need only 30 addresses, this will waste 226 addresses. These unused addresses would make
additional route advertisements slowing down the network.
With subnetting you only need to purchase single range of class C. You can configure router
to take first 26 bits instead of default 24 bits as network bits. In this case we would extend
default boundary of subnet mask and borrow 2 host bits to create networks. By taking two bits
from the host range and counting them as network bits, we can create two new subnets, and
assign hosts them.

Base position 27 26 25 24 23 22 21 20

Decimal value 128 64 32 16 8 4 2 1

Convert decimal to binary

To convert a decimal number in binary we would use addition till number method. In this method
we start adding from left to get target value. If after adding right position value, sum is lower than
target number, keep adding, or if sum is greater than target number skip the position Value. Only
the value of on bit [1] will be added in sum. Off bit [0] has zero value. For example, convert
decimal number 117 in binary.
Target decimal number 117
Move direction From Left ===========================> to Right

Base position 27 26 25 24 23 22 21 20

Decimal value 128 64 32 16 8 4 2 1

Bit status 0 1 1 1 0 1 0 1

Decimal value in addition 0 64 32 16 0 4 0 1

Binary value of 117 is 01110101.

Decimal calculation Bit in binary

128 is greater than 117 off the bit
0+64 = 64 is less than 117 on the bit
0+64+32 = 96 is less than 117 on the bit
0+64+32+16 = 112 is less than 117 on the bit
0+64+32+16+8 = 120 is greater than 117 off the bit
0+64+32+16+0+4 = 116 is less than 117 on the bit
0+64+32+16+0+4+2 = 118 is greater than 117 off the bit
0+64+32+16+0+4+0+1 = 117 is equivalent to 117 on the bit
Convert binary in decimal

To convert a binary in decimal we will follow above method in reverse mode. We will find
the decimal value of on binary bit position and add them. For example convert 10101010
binary numbers in decimal. Target binary number 10101010
Move direction From Left ===========================> to Right

Base position 27 26 25 24 23 22 21 20

Decimal value 128 64 32 16 8 4 2 1

Bit status 1 0 1 0 1 0 1 0

Decimal value in addition 128 0 32 0 8 0 2 0

Decimal value of 10101010 is 170 [128+0+32+0+8+0+2+0 ]

Binary bit Decimal value

1 On bit 128
0 Off bit 0
1 On bit 64
0 Off bit 0
1 On bit 32
0 Off bit 0
1 On bit 8
0 Off bit 0
1 On bit 2
0 Off bit 0

Default subnet mask

Class Subnet Mask Format

A 255.0.0.0 Network.Host.Host.Host
B 255.255.0.0 Network.Network.Host.Host
C 255.255.255.0 Network.Network.Network.Host
 Experiment-6
Aim: Connect the computers in Local Area Network.

Procedure: On the host computer

On the host computer, follow these steps to share the Internet connection:

1. Log on to the host computer as Administrator or as Owner.

2. Click Start, and then click Control Panel.

3. Click Network and Internet Connections.

4. Click Network Connections.

5. Right-click the connection that you use to connect to the Internet. For example, if you
connect to the Internet by using a modem, right-click the connection that you want under Dial-up
/ other network available.

6. Click Properties.

7. Click the Advanced tab.

8. Under Internet Connection Sharing, select the Allow other network users to connect
through this computer's Internet connection check box.

9. If you are sharing a dial-up Internet connection, select the Establish a dial-up connection
whenever a computer on my network attempts to access the Internet check box if you want
to permit your computer to automatically connect to the Internet.

10. Click OK. You receive the following message:

When Internet Connection Sharing is enabled, your LAN adapter will be set to use IP address
192.168.0. 1. Your computer may lose connectivity with other computers on your network. If
these other computers have static IP addresses, it is a good idea to set them to obtain their IP
addresses automatically. Are you sure you want to enable Internet Connection Sharing?

11. Click Yes.

The connection to the Internet is shared to other computers on the local area network (LAN).

The network adapter that is connected to the LAN is configured with a static IP address
of 192.168.0. 1 and a subnet mask of 255.255.255.0
On the client computer

To connect to the Internet by using the shared connection, you must confirm the LAN adapter IP
configuration, and then configure the client computer. To confirm the LAN adapter IP
configuration, follow these steps:

1. Log on to the client computer as Administrator or as Owner.

2. Click Start, and then click Control Panel.
3. Click Network and Internet Connections.

4. Click Network Connections.

5. Right-click Local Area Connection and then click Properties.

6. Click the General tab, click Internet Protocol (TCP/IP) in the connection uses the following
items list, and then click Properties.

7. In the Internet Protocol (TCP/IP) Properties dialog box, click Obtain an IP

address automatically (if it is not already selected), and then click OK.

Note: You can also assign a unique static IP address in the range of 192.168.0.2 to

254. For example, you can assign the following static IP address, subnet mask, and default gateway:

8. IP Address 192.168.31.202
9. Subnet mask 255.255.255.0
10. Default gateway 192.168.31.1

11. In the Local Area Connection Properties dialog box, click OK.

12. Quit Control Panel.

 Experiment-7
Aim: Study of basic network command and Network configuration commands.

Apparatus (Software): Command Prompt And Packet Tracer.

Procedure: To do this EXPERIMENT- follows these steps:

In this EXPERIMENT- students have to understand basic networking commands e.g

ping, tracert etc.

All commands related to Network configuration which includes how to switch to privilege mode
and normal mode and how to configure router interface and how to save this configuration to
flash memory or permanent memory.

This commands includes

• Configuring the Router commands

• General Commands to configure network

• Privileged Mode commands of a router

• Router Processes & Statistics

• IP Commands

• Other IP Commands e.g. show ip route etc.

ping:
ping(8) sends an ICMP ECHO_REQUEST packet to the specified host. If the host responds, you get
an ICMP packet back. Sound strange? Well, you can “ping” an IP address to see if a machine

is alive. If there is no response, you know something is wrong.

Traceroute:
Tracert is a command which can show you the path a packet of information takes from your
computer to one you specify. It will list all the routers it passes through until it reaches its
destination, or fails to and is discarded. In addition to this, it will tell you how long each 'hop'
from router to router takes.

nslookup:

Displays information from Domain Name System (DNS) name servers.

NOTE :If you write the command as above it shows as default your pc's server name firstly.

pathping:

A better version of tracert that gives you statics about packet lost and latency.
Getting Help

In any command mode, you can get a list of available commands by entering a question mark (?).

Router>?

To obtain a list of commands that begin with a particular character sequence, type in those
haracters followed immediately by the question mark (?).

Router#co?

configure connect copy

To list keywords or arguments, enter a question mark in place of a keyword or argument.

Include a space before the question mark.

Router#configure ?

memory Configure from NV memory network Configure from a TFTP network host terminal
Configure from the terminal

You can also abbreviate commands and keywords by entering just enough characters to
make the command unique from other commands. For example, you can abbreviate the show
command to sh.

Configuration Files

Any time you make changes to the router configuration, you must save the changes to memory
because if you do not they will be lost if there is a system reload or power outage. There are two
types of configuration files: the running (current operating) configuration and the startup
configuration.

Use the following privileged mode commands to work with configuration files.
 Experiment-8
Aim: Performing an Initial Switch Configuration

Topology Diagram

Background / Preparation

In this activity, you will configure these settings on the customer Cisco Catalyst 2960 switch:

• Host name

• Console password

• vty password

• Privileged EXEC mode password

• Privileged EXEC mode secret

• IP address on VLAN1 interface

• Default gateway
Note: Not all commands are graded by Packet Tracer.

Step 1: Configure the switch host name.

a. From the Customer PC, use a console cable and terminal emulation software to connect to
the console of the customer Cisco Catalyst 2960 switch.

b. Set the host name on the switch to CustomerSwitch using these commands.

Switch>enable

Switch#configure terminal

Switch(config)#hostname CustomerSwitch

Step 2: Configure the privileged mode password and secret.

a. From global configuration mode, configure the password as cisco.

CustomerSwitch(config)#enable password cisco

b. From global configuration mode, configure the secret as cisco123.

CustomerSwitch(config)#enable secret cisco123

Step 3: Configure the console password.

a. From global configuration mode, switch to configuration mode to configure the

console line. CustomerSwitch(config)#line console 0

b. From line configuration mode, set the password to cisco and require the password to be
entered at login.

CustomerSwitch(config-line)#password cisco

CustomerSwitch(config-line)#login
 CustomerSwitch(config-line)#exit

Step 4: Configure the vty password.

a. From global configuration mode, switch to the configuration mode for the vty lines 0 through
15.

CustomerSwitch(config)#line vty 0 15

b. From line configuration mode, set the password to cisco and require the password to be
entered at login.

CustomerSwitch(config-line)#password cisco

CustomerSwitch(config-line)#login

CustomerSwitch(config-line)#exit

Step 5: Configure an IP address on interface VLAN1.

From global configuration mode, switch to interface configuration mode for VLAN1, and assign the
IP address 192.168.1.5 with the subnet mask of 255.255.255.0.

CustomerSwitch(config)#interface vlan 1
CustomerSwitch(config-if)#ip address 192.168.1.5
255.255.255.0 CustomerSwitch(config-if)#no shutdown
CustomerSwitch(config-if)#exit

Step 6: Configure the default gateway.

a. From global configuration mode, assign the default gateway to 192.168.1.1.

CustomerSwitch(config)#ip default-gateway 192.168.1.1

b. Click the Check Results button at the bottom of this instruction window to check your work.

Step 7: Verify the configuration.

 The Customer Switch should now be able to ping the ISP Server at 209.165.201.10. The first one or
two pings may fail while ARP converges.

CustomerSwitch(config)#end

CustomerSwitch#ping 209.165.201.10

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 209.165.201.10, timeout is 2 seconds:

..!!!

Success rate is 60 percent (3/5), round-trip min/avg/max = 181/189/197 ms

CustomerSwitch#

Reflection

a. What is the significance of assigning the IP address to the VLAN1 interface instead of any
of the Fast Ethernet interfaces?

b. What command is necessary to enforce password authentication on the console and vty lines?

c. How many gigabit ports are available on the Cisco Catalyst 2960 switch that you used in the
activity?
 Experiment-9
Aim: Performing an Initial Router Configuration

Topology Diagram

Background / Preparation

In this activity, you will use the Cisco IOS CLI to apply an initial configuration to a router,
including host name, passwords, a message-of-the-day (MOTD) banner, and other basic
settings.

Note: Some of the steps are not graded by Packet Tracer.

Step 1: Configure the router host name.

a. On Customer PC, use the terminal emulation software to connect to the console of the
customer Cisco 1841 ISR.

Set the host name on the router to CustomerRouter by using these commands.

Router>enable

Router#configure terminal
 Router(config)#hostname CustomerRouter

Step 2: Configure the privileged mode and secret passwords.

a. In global configuration mode, set the password to cisco.

CustomerRouter(config)#enable password cisco

Set an encrypted privileged password to cisco123 using the secret command.

CustomerRouter(config)#enable secret cisco123

Step 3: Configure the console password.

a. In global configuration mode, switch to line configuration mode to specify the console line.

CustomerRouter(config)#line console 0

Set the password to cisco123, require that the password be entered at login, and then exit line
configuration mode.

CustomerRouter(config-line)#password cisco123

CustomerRouter(config-line)#login

CustomerRouter(config-line)#exit

CustomerRouter(config)#

Step 4: Configure the vty password to allow Telnet access to the router.

a. In global configuration mode, switch to line configuration mode to specify the

vty lines.
 CustomerRouter(config)#line vty 0 4

Set the password to cisco123, require that the password be entered at login, exit line configuration
mode, and then exit the configuration session.

CustomerRouter(config-line)#password cisco123

CustomerRouter(config-line)#login

CustomerRouter(config-line)#exit

CustomerRouter(config)#

Step 5: Configure password encryption, a MOTD banner, and turn off domain server lookup.

a. Currently, the line passwords and the enable password are shown in clear text when you
show the running configuration. Verify this now by entering the show running-config
command.

To avoid the security risk of someone looking over your shoulder and reading the
passwords, encrypt all clear text passwords.

CustomerRouter(config)#service password-encryption

Use the show running-config command again to verify that the passwords are encrypted.

To provide a warning when someone attempts to log in to the router, configure a MOTD banner.
CustomerRouter(config)#banner motd $Authorized Access Only!$

Test the banner and passwords. Log out of the router by typing the exit command twice. The banner
displays before the prompt for a password. Enter the password to log back into the router.

You may have noticed that when you enter a command incorrectly at the user or privileged EXEC
prompt, the router pauses while trying to locate an IP address for the mistyped word you entered. For
example, this output shows what happens when the enable command is mistyped.

CustomerRouter>emable

Translating "emable"...domain server (255.255.255.255)

 To prevent this from happening, use the following command to stop all DNS lookups from
the router CLI.

CustomerRouter(config)#no ip domain-lookup

Save the running configuration to the startup configuration.

CustomerRouter(config)#end

CustomerRouter#copy run start

Step 6: Verify the configuration.

a. Log out of your terminal session with the Cisco 1841 customer router.

b. Log in to the Cisco 1841 Customer Router. Enter the console password when prompted.

c. Navigate to privileged EXEC mode. Enter the privileged EXEC password when prompted.

d. Click the Check Results button at the bottom of this instruction window to check your work.

Reflection

Which Cisco IOS CLI commands did you use most?

How can you make the customer router passwords more secure?
 Experiment-10
Aim: Configuring and Troubleshooting a Switched Network (1)

Topology Diagram

Background / Preparation
In this Packet Tracer Skills Integration Challenge activity, you will configure basic switch
management, including general maintenance commands, passwords, and port security. This
activity provides you an opportunity to review previously acquired skills.

Addressing Table

Device Interface IP Address Subnet Mask

R1 Fa0/0 172.17.99.1 255.255.255.0

S1 Fa0/1 172.17.99.11 255.255.255.0

PC1 NIC 172.17.99.21 255.255.255.0

PC2 NIC 172.17.99.22 255.255.255.0

Server NIC 172.17.99.31 255.255.255.0

Step 1: Establish a console connection to a switch.

For this activity, direct access to the S1 Config and CLI tabs is disabled. You must establish a
console session through PC1.

a. Connect a console cable from PC1 to S1.

b. From PC1, open a terminal window and use the default terminal configuration. You should
now have access to the CLI for S1.

c. Check results.

Your completion percentage should be 8%. If not, click Check Results to see which required
components are not yet completed.

Step 2: Configure the host name and VLAN 1.

a. Configure the switch host name as S1.

b. Configure port Fa0/1. Set the mode on Fast Ethernet 0/1 to access mode.
i. S1(config)#interface fastethernet 0/1
ii. S1(config-if)#switchport mode access

c. Configure IP connectivity on S1 using VLAN 1.

i. S1(config)#interface vlan 1
ii. S1(config-if)#ip address 172.17.99.11 255.255.255.0
iii. S1(config-if)#no shutdown

d. Configure the default gateway for S1 and then test connectivity. S1 should be able to ping R1.

e. Check results.

Your completion percentage should be 31%. If not, click Check Results to see which required
components are not yet completed. Also, make sure that interface VLAN 1 is active.

Step 3: Configure the current time using Help.

a. Configure the clock to the current time. At the privileged EXEC prompt, enter clock ?.

b. Use Help to discover the steps required to set the current time.
 c. Use the show clock command to verify that the clock is now set to the current time.
Packet Tracer may not correctly simulate the time you entered.

Packet Tracer does not grade this command, so the completion percentage does not change.

Step 4: Configure passwords.

a. Use the encrypted form of the privileged EXEC mode password and set the password to
class.

b. Configure the passwords for console and Telnet. Set both the console and vty
password to cisco and require users to log in.

c. View the current configuration on S1. Notice that the line passwords are shown in clear
text. Enter the command to encrypt these passwords.

d. Check results.

Your completion percentage should be 42%. If not, click Check Results to see which required
components are not yet completed.
 Experiment-11
Aim: Configuring and Troubleshooting a Switched Network (2)

Step 1: Configure the login banner.

If you do not enter the banner text exactly as specified, Packet Tracer does not grade your command
correctly.

These commands are case-sensitive. Also make sure that you do not include any spaces before or
after the text.

a. Configure the message-of-the-day banner on S1 to display as Authorized Access

Only. (Do not include the period.)

b. Check results.

Your completion percentage should be 46%. If not, click Check Results to see which required
components are not yet completed.

Step 2: Configure the router.

Routers and switches share many of the same commands. Configure the router with the same basic
commands you used on S1.

a. Access the CLI for R1 by clicking the device.

b. Do the following on R1:

• Configure the hostname of the router as R1.

• Configure the encrypted form of the privileged EXEC mode password and set the
password to class.

• Set the console and vty password to cisco and require users to log in.

• Encrypt the console and vty passwords.

• Configure the message-of-the-day as Authorized Access Only. (Do not include the
period.)
 c. Check results.

Your completion percentage should be 65%. If not, click Check Results to see which required
components are not yet completed.

Step 3: Solve a mismatch between duplex and speed.

a. PC1 and Server currently do not have access through S1 because the duplex and speed are
mismatched. Enter commands on S1 to solve this problem.

b. Verify connectivity.

c. Both PC1 and Server should now be able to ping S1, R1, and each other.

d. Check results.

Your completion percentage should be 73%. If not, click Check Results to see which required
components are not yet completed.

Step 4: Configure port security.

a. Use the following policy to establish port security on the port used by PC1:

• Enable port security

• Allow only one MAC address

• Configure the first learned MAC address to "stick" to the configuration

Note: Only enabling port security is graded by Packet Tracer and counted toward the completion
percentage.

However, all the port security tasks listed above are required to complete this activity successfully.

b. Verify that port security is enabled for Fa0/18. Your output should look like the
following output. Notice that S1 has not yet learned a MAC address for this interface.
What command generated this output?

S1#________________________________
 Port Security : Enabled

Port Status : Secure-up

Violation Mode : Shutdown

Aging Time : 0 mins

Aging Type : Absolute

SecureStatic Address Aging : Disabled

Maximum MAC Addresses :1

Total MAC Addresses :0

Configured MAC Addresses :0

Sticky MAC Addresses :0

Last Source Address:Vlan : 0000.0000.0000:0

Security Violation Count : 0

c. Force S1 to learn the MAC address for PC1. Send a ping from PC1 to S1. Then verify that
S1 added the MAC address for PC1 to the running configuration.
!

interface FastEthernet0/18

<output omitted>

switchport port-security mac-address sticky 0060.3EE6.1659

<output omitted>

!
d. Test port security. Remove the FastEthernet connection between S1 and PC1. Connect PC2 to Fa0/18. Wait
for the link lights to turn green. If necessary, send a ping from PC2 to S1 to cause the port to shut down.
Port security should show the following results: (the Last Source Address may be different)

Port Security : Enabled

Port Status : Secure-shutdown

Violation Mode : Shutdown
Aging Time : 0 mins

Aging Type : Absolute

SecureStatic Address Aging: Disabled
Maximum MAC Addresses : 1
Total MAC Addresses :1
 Experiment-12
Aim: Connecting a Switch

Topology Diagram

Background / Preparation
In this activity, you will verify the configuration on the customer Cisco Catalyst 2960 switch. The
switch is already configured with all the basic necessary information for connecting to the LAN at
the customer site. The switch is currently not connected to the network. You will connect the switch
to the customer workstation, the customer server, and customer router. You will verify that the
switch has been connected and configured successfully by pinging the LAN interface of the
customer router.

Step 1: Connect the switch to the LAN.

a. Using the proper cable, connect the FastEthernet0/0 on Customer Router to the
FastEthernet0/1 on Customer Switch.

b. Using the proper cable, connect the Customer PC to the Customer Switch on port
FastEthernet0/2.

c. Using the proper cable, connect the Local Server to the Customer Switch on port
FastEthernet0/3.

Step 2: Verify the switch configuration.

a. From the Customer PC, use the terminal emulation software to connect to the
console of the customer Cisco Catalyst 2960 switch.
 b. Use the console connection and terminal utility on the Customer PC to verify the
configurations. Use cisco as the console password.

c. Enter privileged EXEC mode and use the show running-config command to verify the
following configurations. The password is cisco123.

• VLAN1 IP address = 192.168.1.5

• Subnet mask = 255.255.255.0
c. Password required for console access
d. Password required for vty access
e. Password enabled for privileged EXEC mode
f. Secret enabled for privileged EXEC mode

d. Verify IP connectivity between the Cisco Catalyst 2960 switch and the Cisco 1841 router by
initiating a ping to 192.168.1.1 from the switch CLI.

e. Click the Check Results button at the bottom of this instruction window to check your work.

Reflection

a. What is the significance of the enable secret command compared to the enable password?
b. If you want to remove the requirement to enter a password to access the console, what
commands do you issue from your starting point in privileged EXEC mode?

References

1. CCNA Lab Manual.

2. Computer Network Lab in Department of Electronics & Communication Engineering, Sri
Jayachamarajendra College of Engineering.